Bug #11311: Listen and peer port validation in wg.inc - pfSense - pfSense bugtracker

Actions

Copy link

Bug #11311

closed

Listen and peer port validation in wg.inc

Added by John Clark almost 4 years ago. Updated almost 4 years ago.

Status:

Resolved

Priority:

Normal

Assignee:

Jim Pingle

Category:

VPN (Multiple Types)

Target version:

2.5.0

Start date:

01/25/2021

Due date:

% Done:

100%

Estimated time:

Plus Target Version:

Release Notes:

Affected Version:

2.5.0

Affected Architecture:

Description

The listen port in function wg_validate_post and the peer port in function wg_validate_peer do not appear to be validated correctly. Just about any text can be entered and accepted. This could be an issue with form field validation elsewhere, but something along the lines of the following code might help....

if (empty($lport) || !ctype_digit ($lport) || !in_array ((int) $lport, range (0, 65535)))

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Bug #11311

Listen and peer port validation in wg.inc

Updated by Jim Pingle almost 4 years ago

Updated by Jim Pingle almost 4 years ago

Updated by Max Leighton almost 4 years ago